This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4125 Views
  • 0 replies
  • 0 Likes

Blocking YouTube channel - looking for working solution

HiI'm trying to block all YouTube channels and allow to pass only few of them.For first look it should be easy, one rule for passing allowed channels and second rule for blocking all other channels.But it doesn't work .Youtube of course use URL to open channel but later downloading streaming from others addresses .Not sure how to isolate address...

Animex by L1 Bithead
  • 15025 Views
  • 12 replies
  • 0 Likes

Youtube API Integration

Suggestion here to create a miner for Youtube using their API. This would allow whitelisting or blacklisting a specific channel and all associated resources. Eg: You can identify each channel based on URL, but not the videos as these have their own URL with no mention of the channel. The youtube API allos for retrieving all resources URLs...

Threat Alerts

I have configured Threat alerts to be emailed. This is working, however I'm getting information level alerts. I have setup a filter to only mail critical or high. I built this filter under objects/log forwarding, then log type threat. Is this the correct location? I would like to not see any log lower the medium level. How do I stop getting info...

Device Authentication with Azure AD

We have setup an Azure AD environment with some test machines that are Azure AD joined, but not joined to our on-prem AD environment. Our PA certificate is installed on these machines. For a time PA correctly identifies these machines with the correct username. But after a while, it no longer does. This can be temporarily fixed by release/renewi...

Route Public IP range through Shared Gateway

Hi guys, I hope you can lend me a hand here. Our ISP finally allocated us a Public /25 (aa.bb.cc.0/25) subnet which will be routed via the existing /30 (xx.yy.zz.2/30) internet link that we have. We want to split it in half and use the Shared Gateway to route the traffic. The first half is for our webservers in VSYS1 . The other half is for offi...

Office 365 SOAP error : Session End Reason decrypt-error

I am having issues with SSL decryption for office365 . In specific this is related to Azure API and SOAP protocol . Traffic to azure cloud via soap to the following URL "roaming.officeapps.live.com/rs/RoamingSoapService.svc" is keep getting "decrypt-error" . Trying to bypass and adding the site to the exclude list , and/or adding it to a url pr...

11.jpg
12.jpg
bpeeri by L2 Linker
  • 9264 Views
  • 5 replies
  • 0 Likes

Resolved! Native VPN client on android phone

I recently upgraded my PA 5050 to 7.1.9. Before that users could connect to the VPN could connect via their native VPN client on their android phones and today I got a call saying one user no longer could and it was failing on the encryption. Any ideas?

jdprovine by L4 Transporter
  • 14857 Views
  • 28 replies
  • 0 Likes

Resolved! application 'ms-ds-smb' is not a valid reference

Hello, We are seeing the following error occurring when trying to commit changes. Validation Error: rulebase -> application-override -> rules -> SMB -> application 'ms-ds-smb' is not a valid reference rulebase -> application-override -> rules -> SMB -> application is invalid vsys1 Error: application-override rule 'SMB': F...

Farzana by L4 Transporter
  • 4424 Views
  • 1 replies
  • 0 Likes

Resolved! Confused About User-ID and User Mapping

Regarding the User-ID Agent (Active Directory) feature of the firewall, I’m confused as to the difference and need for either the User Mapping and/or User-ID Agent. Is the User Mapping feature replacing the User-ID agent?The units we have were setup prior to my employment as we 6 office locations and two data centers each data center with a 3050...

Time for my annual 'GlobalProtect UI is not good enough' post

I've been complaining about GlobalProtect's lackluster UI for years now. Here's my post from 2016 complaining about the issue: https://live.paloaltonetworks.com/t5/General-Topics/New-Global-Protect-3-0-is-not-good-enough/td-p/75922 Here's my post from 2015 complaining about the exact same problem: https://live.paloaltonetworks.com/t5/General-To...

pmc by L2 Linker
  • 5805 Views
  • 3 replies
  • 5 Likes

GlobalProtect Panel suppression

We have Global Protect set up to use user-logon and use user certificastes issued by our PKI to authenticate users. When a user logs in while connected to an external network, it connects just fine. But when a user logs into windows while connected to our internal network, the panel launches showing a status of not connected. This is very con...

ACC Dashboard

So I know that within in ACC dashboard there is a Risk Score Displayed. There is also Rule list that that shows risky app assosciated rule name . My question is does Panorama give you overall risk score for the rule itself? For example what if I have a mix of Risky apps for Risk 3, 4 ,5. Will it give me a avg risk score for the actual r...

PA-5220 AUX ports SFP+ module attributes

Hi I found thishttps://live.paloaltonetworks.com/t5/Management-Articles/How-to-check-the-media-type-on-the-interface-of-a-Palo-Alto/ta-p/71362 which gave me thisshow system state filter sys.s1.p*.phy But this I don't think shows me aux1 or aux2. Any one know how to show the SFP module info for aux1 and aux2

Aged-out issue

Hi, I have configured PA on Azure but it is unable to ping to PA.It always shows that "aged-out" as error message.Once I ping to proxy-server on Azure, the log is shown on PA but it is aged out and could not get the response.I did set up Static route and everything. I have set up as below.PC->Azure(PA)-Azure(Proxy server)-Intenet Can anybody ...

  • 24336 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks